Senior Manager Cyber Security Risk Oversight, CCOR

End date
Thursday 08 June 2023

Salary range
£67,896 - £84,870

Agile Working Options
Hybrid Working

Job description

No day in Conduct, Compliance and Operational Risk (CCOR) is the same. We engage right across the Group, advising on ways to improve how we keep the Bank safe, delight our customers and Help Britain Prosper. This means we work closely as a collaborative team and spend a lot of our time looking at different areas of the Bank and analysing data to help our teams and businesses.

We're a diverse group of people, who come from many different backgrounds. Whilst we celebrate these differences, we share a common vision to offer new insight, support and challenge to senior management.

Sound like your kind of place?
We're looking for a dynamic, motivated, and confident individual to join our second line security risk oversight team. This is a senior management role to provide security risk advice and challenge to business leaders across the Group. This will include horizon scanning and using external industry knowledge to identify emerging risk themes and collaborating with colleagues in other teams to deliver impactful oversight with insight.

What you'll be doing:

• Lead a portfolio of oversight activities and provide security SME input and support to oversight activities.
• Build and maintain rapport with key business, technology, and security partners to monitor for emerging risks and challenges.
• Attend senior risk committees, providing 'in the moment' feedback and challenge on risk approach and treatment.
• Conduct specific pieces of security risk oversight, writing insightful executive level reports summarising opinions of how key functions are handling risk and defining value adding actions and recommendations.

What we need from you...

• You'll be an authority in your field and will demonstrate a thorough knowledge of cyber security risk within financial services.
• Significant experience in cyber security working with industry frameworks such as NIST or ISO27001.
• Qualifications: Ideally hold CISSP, CRISC, CISM, CISA, CCSP, ISO27k Lead Auditor or similar.
• Subject matter expertise in one or more of the following: security architecture, network security, secure software development lifecycle, cloud security, identity access management, data loss prevention, security strategy, security risk management.
• Significant experience in supporting businesses to lead security risk in a partnership, oversight, or consulting role.

What we're looking for:

Key Capabilities, Knowledge, Skills and Experience...

• You'll be an excellent communicator (verbal and written) and will be expected to provide high quality presentations to the Group Operational Risk Director and senior partners in the Chief Security Office.
• You'll be expected to build strong relationships across the Chief Security Office and the wider Risk team, guide partners and be able to support and challenge senior executives.
• A broad understanding of relevant legislation and regulation affecting security within financial services and an understanding of the relevant risk management frameworks. Knowledge of emerging technologies and associated vulnerabilities and risks.
• Thorough understanding of cyber threats and how they affect financial services.
• Analytical skills and thought leadership to be able to identify and challenge on key areas of cyber risk.
• Be able to influence and contribute to the overall Group strategy and objectives.
• Develop tailored and innovate approaches to make sure that security risks are a core part of strategic programmes.
• Experience of independently scoping and conducting security risk assessments, preferably within banking or financial services organisations is critical.
• A collaborative management style and empowers team members to deliver their best through coaching and developing their capabilities.
• A passion to develop your skills, accept new challenges and work flexibly. Deepening your understanding of security innovation as it emerges and evolves.

So what can we offer you in return...

As a multi-brand, multi-channel business, we have the scale and breadth to provide you with a diverse range of personal development and a career that's enriching and full of opportunity. In return for your expertise, you'll enjoy our total dedication to your ongoing personal and professional development. We'll help you perform at your best today, so you can fulfil all your potential in the future.

We're passionate about diversity and equal opportunity with industry recognition across gender, ethnicity, disability, LGBTQ+ and families. Just let us know if you need any reasonable adjustments made to our recruitment processes, and we'll try to accommodate them. Together we make it possible - join us and you'll be part of an organisation that values your contribution and empowers you to make a difference! We're an agile team offering flexible work patterns with the need to be in the office 2/3 days per week, whether that be your base office or one you have travelled to for a specific reason.

As a function we're keen to receive applications from candidates interested in working the role as a job share. If you have an existing job share partner, your application will be considered jointly - you'll still need to submit individual applications, but these should be aligned and make it clear that you're applying on this basis. You'll be invited to a joint interview and our assessment will be based on whether you have the skills, experience and demonstration of the Lloyds Banking Group's Values between you to meet the requirements of the role.